RDS data security apparatus and method

ABSTRACT

A remote diagnostic system (RDS) data security device and method are provided, in which an interface unit receives an RDS command from a host, a storage unit stores a security setting for RDS data, and a control unit performs an operation for the RDS data according to the RDS command and the security setting, wherein the result obtained by the performance is selectively transmitted externally. Accordingly, since the reading and writing operations of RDS data are performed according to an RDS command received from the host and previously stored security setting, and the result obtained by the reading and writing operations is displayed, data collected in the RDS can be prevented from being transmitted to the server without permission, and data allowed to an authorized user can be transmitted to the server.

CROSS-REFERENCE TO RELATED PATENT APPLICATIONS

This application claims the benefit under 35 U.S.C. §119(a) of KoreanPatent Application No. 10-2005-0081331, filed on Sep. 1, 2005, in theKorean Intellectual Property Office, the entire disclosure of which ishereby incorporated by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a remote diagnostic system (RDS) datasecurity method and apparatus. More particularly, the present inventionrelates to a method and device for securing RDS data by performing anRDS operation according to an RDS command and a security setting, anddisplaying a result obtained from the performance.

2. Description of the Related Art

Remote diagnostic systems (RDSs) allow a seller or a management companyto diagnose a user's product remotely without visiting a user. RDSsreceive a command from a host or a web, diagnose the state of a printer,change a state value of the printer, or inform a user of an error. RDSsare classified into an RDS client module included in a product and anRDS server module that collects RDS information. An RDS client comprisesa customer replaceable unit monitor (CRUM), a toner level, an input/out(I/O) interface, a finisher, a scanner, a duplex automatic documentfeeder (DADF), an automatic document feeder (ADF), and a memory. The I/Ointerface comprises a fax, a USB, a parallel, and a network.Furthermore, RDSs include a software module for performing variousfunctions, printer user record, and a printer error record.

When the RDS client receives a diagnosis event, the RDS diagnoses eachof the modules and transmits the diagnostic results to an RDS server.

The diagnostic results transmitted from the RDS to the RDS server mayinclude business information of the user or delicate information that isnot intended to be disclosed. RDS data reading and writing may beclassified in terms of the data importance. For example, in a printer,since RDS data such as kinds of paper, a setting, a manager's name, asystem date, and a department using the printer have a lower importance,both reading and writing can be performed on the RDS data. However,since a printer access log record, a printer IP address, a job liststored in a printer hard disk, a list of data processed by the printer,and the like are very important data in operating and securing theprinter, the writing is not allowed.

The conventional RDSs transmit any collected information to the RDSserver. That is, the RDS does not transmit RDS data selected by the userbut RDS data selected by a service provider. Information collected in anenvironment of a particular company or office may include confidentialinformation that is restricted and is not to be transmitted externally.In this case, a network manager may block the RDS data using a firewall.However, using a firewall is costly. Thus, there is a need for a methodof selectively transmitting the RDS data according to a security policywithout the firewall.

SUMMARY OF THE INVENTION

An aspect of exemplary embodiments of the present invention is toaddress at least the above problems and/or disadvantages and to provideat least the advantages described below. Accordingly, an aspect ofexemplary embodiments of the present invention is to provide a remotediagnostic system (RDS) data security apparatus and method, whichperforms reading and writing operations for RDS data according to an RDScommand received from a host and previously stored security setting, anddisplays a result obtained by the performance to prevent data collectedby the RDS from being transmitted to a server without a user'spermission and reinforce a RDS data security.

According to an aspect of exemplary embodiments of the presentinvention, there is provided a remote diagnostic system (RDS) datasecurity apparatus, in which an interface unit receives an RDS commandfrom a host; a storage unit stores a security setting for RDS data; anda control unit performs an operation for the RDS data according to theRDS command and the security setting, wherein the result obtained by theperformance is selectively transmitted externally.

In an exemplary implementation, a display unit displays the result.

In another exemplary implementation, the control unit may store theresult obtained by performing the operation of RDS data.

In still another exemplary implementation, the control unit maydetermine whether to transmit the result stored in the storage unit to aserver according to a command input by a user after the user verifiesthe result displayed on the display unit, and the security setting.

In a further exemplary implementation, the display unit may be includedin the RDS data security apparatus or is an external device connected tothe RDS data security apparatus via a network.

In an exemplary implementation, the security setting may requireauthentication according to the RDS data importance.

In another exemplary implementation, the control unit may parse the RDScommand to determine whether the RDS data requires authentication, andwhen a determination is made that the RDS data requires authentication,an error message is displayed on the display unit if the RDS data isincorrectly authenticated or not authenticated.

In still another exemplary implementation, the security setting mayrequire different authentication requirements for the same RDS dataaccording to the type of operations.

In a further exemplary implementation, the security setting may be setto determine whether to transmit the RDS data to the server according toan encryption level of the RDS data.

According to another aspect of exemplary embodiments of the presentinvention, there is provided an RDS data security, in which an RDScommand is received from a host; a security setting is stored for RDSdata in a storage unit; and an operation for RDS data is performedaccording to the RDS command and the security setting, wherein theresult obtained by the performance is selectively transmittedexternally.

In an exemplary implementation, the result is displayed on a displayingunit after the performing of the operation.

In another exemplary implementation, the result is stored in the storageunit after the performing of the operation.

In still another exemplary implementation, whether the result stored inthe storage unit is transmitted to a server is determined according to acommand input by a user after the user verifies the result displayed onthe display unit, and the security setting.

In a further exemplary implementation, the display unit may be includedin an RDS data security device or is an external apparatus connected tothe RDS data security apparatus via a network.

In an exemplary implementation, the security setting may requireauthentication according to the importance of the RDS data.

In another exemplary implementation, the performing of the operation mayfurther comprise determining whether the RDS data requiresauthentication by parsing the RDS command, and when a determination ismade that the RDS data requires authentication, an error message isdisplayed on the display unit if the RDS data is incorrectlyauthenticated or not authenticated.

In still another exemplary implementation, the security setting mayrequire different authentication requirements for the same RDS dataaccording to type of operations.

In a further exemplary implementation, the security setting may be setto determine whether or not to transmit the RDS data to the serveraccording to an encryption level of the RDS data.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and advantages of certainexemplary embodiments of the present invention will be more apparentfrom the following description taken in conjunction with theaccompanying drawings, in which:

FIG. 1 is a block diagram of a remote diagnostic system (RDS) datasecurity apparatus according to an exemplary embodiment of the presentinvention;

FIG. 2 is a view illustrating an RDS data security apparatus thatcollects RDS data, displays the RDS data, and selectively transmits theRDS data to a server in an office environment according to an exemplaryembodiment of the present invention; and

FIG. 3 is a view illustrating an RDS data security apparatus thatcollects RDS data, displays the RDS data, and selectively transmits theRDS data to a server in a typical home environment that does not includea computer according to an exemplary embodiment of the presentinvention; and

FIG. 4 is a flowchart illustrating an RDS data security method accordingto an exemplary embodiment of the present invention.

Throughout the drawings, the same drawing reference numerals will beunderstood to refer to the same elements, features, and structures.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS

The matters defined in the description such as a detailed constructionand elements are provided to assist in a comprehensive understanding ofthe embodiments of the invention. Accordingly, those of ordinary skillin the art will recognize that various changes and modifications of theembodiments described herein can be made without departing from thescope and spiting of the invention. Also, descriptions of well-knownfunctions and constructions are omitted for clarity and conciseness.

FIG. 1 is a block diagram of a remote diagnostic system (RDS) datasecurity apparatus according to an exemplary embodiment of the presentinvention. Referring to FIG. 1, the RDS data security apparatus includesan interface unit 100, storage unit 110, control unit 120, and displayunit 130.

The interface unit 100 serves as an input/output device to allow aperipheral device that controls and diagnoses a multifunctional deviceto be connected to the multifunctional device. The multifunctionaldevice performs various functions such as printing, scanning, andfacsimileing. The interface unit 100 connects the multifunctional deviceto the peripheral device. Further, the interface unit 100 receives a RDScommand from a host (not shown).

The storage unit 110 stores a history of the multifunctional device thatis controlled and diagnosed by the peripheral device, and a securitysetting for RDS data. Furthermore, the storage unit 110 temporarilystores data to be printed or scanned by the multifunctional device.

The storage unit 110 may be a flash memory or a hard disk.

The control unit 120 performs reading and writing operations of the RDSdata according to the RDS command and the security setting. The controlunit 120 stores a result obtained by reading and writing the RDS data inthe storage unit 110.

The control unit 120 determines whether to transmit the result stored inthe storage unit 110 to a server and a command input by a user based onthe result displayed in the display unit 130 according to the securitysetting. The security setting may require authentication for informationrequiring data security according to the importance of the RDS data. Theauthentication may be performed using identification (ID) or a password.The authentication requirement for the same RDS data may be differentaccording to the type of reading and writing operations.

When the security setting requires the authentication for informationrequiring security, the control unit 120 parses the RDS command todetermine if the RDS data requires authentication. When the RDS data isincorrectly authenticated or not authenticated, although a determinationis made that the RDS data requires authentication, an error message isdisplayed on the display unit 130.

According to an exemplary embodiment of the present invention, thesecurity setting may be set to determine whether the RDS data istransmitted to a server according to the encryption level of the RDSdata. That is, when the data may be encrypted with a high level ofencryption and is transmitted to the server, the transmitted data can beread if there is a decryption key corresponding to an encryption key.Accordingly, the security setting can be set to determine the highlyencrypted data to be transmitted to the server.

When the control unit 120 performs reading and writing operations of theRDS data according to the RDS command and the security setting, thedisplay unit 130 displays the results obtained by the reading. Thedisplay unit 130 may be installed in the RDS data security apparatus orimplemented as an external device connected to the RDS data securityapparatus via a network.

FIG. 2 is a view illustrating an RDS data security apparatus thatcollects RDS data, displays the RDS data, and selectively transmits theRDS data to a server in an office environment according to an exemplaryembodiment of the present invention. Referring to FIG. 2, when a host210 transmits an RDS command to a RDS client 200, the RDS client 200performs an operation in response to the RDS command and transmits aresult obtained by the operation to the host 210. The host 210 displaysthe received result and determines whether to transmit the entire or apart of the result to a server 220.

FIG. 3 is a view illustrating an RDS data security apparatus thatcollects RDS data, displays the RDS data, and selectively transmits theRDS data to a server in a typical home environment that does not includea computer according to an exemplary embodiment of the presentinvention.

FIG. 4 is a flowchart illustrating an RDS data security method accordingto an exemplary embodiment of the present invention. The RDS datasecurity method will be now described with reference to FIGS. 1 and 4.

Referring to FIGS. 1 and 4, an RDS command is received from a host (notshown) through the interface unit 100 (Step 400). A user stores asecurity setting for the RDS data in the storage unit 110 (Step 410).The security setting may require authentication for informationrequiring data security according to the importance of the RDS data.

Reading and writing operations of the RDS data are performed accordingto the RDS command and the security setting stored in the storage unit110 (Step 420). Since, authentication requirements for the same RDS dataare different according to the type of reading and writing operations,an operation is allowed in accordance with the security setting. Whenthe RDS data requires an authentication but the RDS data is incorrectlyauthenticated or not authenticated, the display unit 130 displays anerror message, and the operation is not performed.

After the reading and writing operations of the RDS data are performed,a result obtained by the reading and writing operations is stored in thestorage unit 110 (Step 430). The display unit 130 displays the resultstored in the storage unit 110 (Step 440). The display unit 130 may beincluded in the RDS data security apparatus, or implemented as anexternal device connected to the RDS data security apparatus via anetwork.

A user determines whether to transmit the result to the server afterchecking the result displayed on the display unit 130 (Step 450).

The exemplary embodiments of the present invention can be written ascomputer programs and can be implemented in general-use digitalcomputers that perform the programs using a computer readable recordingmedium. Examples of the computer readable recording medium includemagnetic storage media (for example, ROM, floppy disks, hard disks, andthe like), optical recording media (for example, CD-ROMs, or DVDs), andstorage media such as carrier waves (for example, transmission throughthe Internet).

According to certain exemplary embodiments of the present invention,since reading and writing operations of RDS data are performed accordingto an RDS command received from a host and previously stored securitysetting, and the result obtained by the reading and writing operationsis displayed, data collected in the RDS can be prevented from beingtransmitted to a server without permission, and data allowed to anauthorized user can be transmitted to the server.

While the present invention has been particularly shown and describedwith reference to certain exemplary embodiments thereof, it will beunderstood by those skilled in the art that various changes in form anddetails may be made therein without departing from the spirit and scopeof the present invention as defined by the appended claims and theirequivalents.

1. A remote diagnostic system (RDS) data security apparatus comprising:an interface unit for receiving an RDS command from a host; a storageunit for storing a security setting for RDS data; and a control unit forperforming an operation for the RDS data according to the RDS commandand the security setting; a display unit for displaying the result, andwherein the control unit determines whether to transmit the resultsstored in the storage unit to a server according to a command inputafter the result displayed on the display unit is verified, and thesecurity setting and selectively outputs a result of the operationdetermined to be transmitted to the server.
 2. The apparatus of claim 1,wherein the control unit stores the result obtained by performing theoperation for the RDS data.
 3. The apparatus of claim 1, wherein thedisplay unit comprises at least one of an internal device included inthe RDS data security apparatus and an external device connected to theRDS data security apparatus via a network.
 4. The apparatus of claim 1,wherein the security setting comprises authentication according to theimportance of the RDS data.
 5. The apparatus of claim 4, wherein thecontrol unit parses the RDS command to determine whether the RDS datarequires authentication, and when a determination is made that the RDSdata requires authentication, an error message is displayed on thedisplay unit if the RDS data comprises at least one of incorrectlyauthenticated and not authenticated data.
 6. The apparatus of claim 4,wherein the security setting comprises different authenticationrequirements for the same RDS data according to a type of operations. 7.The apparatus of claim 1, wherein the security setting comprises adetermination whether to transmit the RDS data to the server accordingto an encryption level of the RDS data.
 8. An RDS data security methodcomprising: receiving an RDS command from a host; storing a securitysetting for RDS data in a storage unit; performing an operation for RDSdata according to the RDS command and the security setting; displayingthe result on a displaying unit after the performing of the operation;determining whether the result stored in the storage unit is transmittedto a server according to a command input after the result displayed onthe display unit is verified, and the security setting; and selectivelyoutputting a result of the operation determined to be transmitted to theserver.
 9. The method of claim 8, further comprising storing the resultin the storage unit after the performing of the operation.
 10. Themethod of claim 8, wherein the display unit comprises at least one of aninternal device included in an RDS data security device and an externalapparatus connected to the RDS data security apparatus via a network.11. The method of claim 8, wherein the security setting comprisesauthentication according to the importance of the RDS data.
 12. Themethod of claim 11, wherein the performing of the operation furthercomprises determining whether the RDS data requires authentication byparsing the RDS command, and when a determination is made that the RDSdata requires authentication, displaying an error message on the displayunit if the RDS data comprises at least one of incorrectly authenticatedand not authenticated data.
 13. The method of claim 11, wherein thesecurity setting comprises different authentication requirements for thesame RDS data according to a type of operations.
 14. The method of claim8, wherein the security setting comprises a determination whether totransmit the RDS data to the server according to an encryption level ofthe RDS data.
 15. A computer readable recording medium having embodiedthereon a computer program for executing a method of claim 8.